Security News > 2021 > April > LinkedIn Spear-Phishing Campaign Targets Job Hunters

A threat group called Golden Chickens is delivering the fileless backdoor more eggs through a spear-phishing campaign targeting professionals on LinkedIn with fake job offers, according to researchers at eSentire.

"Upon opening the fake job offer, the victim unwittingly initiates the stealthy installation of the fileless backdoor, more eggs."

Second, McLeod pointed out the personalized spear phishing emails are effective in enticing victims to click on the fake job offer.

While eSentire hasn't been able to pinpoint the group behind more eggs, researchers have observed the groups FIN6, Cobalt Group and Evilnum have each used the more eggs malware as a service for their own purposes.

Evilnum likes to attack financial tech companies, according to eSentire, to steal spreadsheets, customer lists and trading credentials, while Cobalt Group is usually focused on attacking financial companies with the more eggs backdoor.

"In the report, eSentire follows the more eggs LinkedIn attack on someone in the health care technology sector. Chris Hazelton with mobile security provider Lookout told Threatpost that the victim that said was likely chosen so that cybercriminals could gain"access to an organization's cloud infrastructure, with a potential goal of exfiltrating sensitive data related to intellectual property or even infrastructure-controlling medical devices.

News URL

https://threatpost.com/linkedin-spear-phishing-job-hunters/165240/